back to article China passes new Cybersecurity Law – you have seven months to comply if you wanna do biz in Middle Kingdom

On Monday, the Chinese government officially passed its 2016 Cybersecurity Law. From June 2017, all companies doing business in the Middle Kingdom will have to obey the new rules. The legislation, approved by the National People's Congress, takes away the last vestiges of anonymity for China's 710 million internet users, and …

  1. W Donelson

    Told you so... Rich western investors will be screwed.

    China will rob you blind, just like the rich did to their home countries.

    1. Preston Munchensonton
      Stop

      Re: Told you so... Rich western investors will be screwed.

      I've been told that Haiti has no evil rich people. Sounds like paradise, no?

      1. BillG
        Trollface

        Re: Told you so... Rich western investors will be screwed.

        Next: China announces they are changing their name to Apple.

        1. Fungus Bob

          Re: Told you so... Rich western investors will be screwed.

          "Next: China announces they are changing their name to Apple."

          And then they'll sue Apple for trademark infringement.

      2. JLV

        Re: Told you so... Rich western investors will be screwed.

        There aren't many rich in Haiti, true. True.

        None, and they are not evil? Hmmm... Rumor is that, back in the days when Baby Doc was in charge, his doxy was very fond of fur coats. To the point where she apparently needed a food-grade cold storage room for all her coats.

        They are still all poor, true. But wanna bet no one (of their own people) is taking advantage of them nowadays and filthy rich doing so? I wouldn't.

        1. Preston Munchensonton

          Re: Told you so... Rich western investors will be screwed.

          They are still all poor, true. But wanna bet no one (of their own people) is taking advantage of them nowadays and filthy rich doing so? I wouldn't.

          If there were more evil rich people there to take advantage of them, they wouldn't be so poor. True story.

          1. JLV

            Re: Told you so... Rich western investors will be screwed.

            >If there were more evil rich people there to take advantage of them, they wouldn't be so poor.

            Dude, what are you talking about? I am not talking about "evil capitalists" or "bad multinationals" corrupting "poor innocent third worlders" and generating "bad wealth".

            Duvalier wasn't creating wealth and he sure wasn't a capitalist. He was just robbing his people.

            Notwithstanding the current absence of business and abject general poverty of Haiti, I am sure that some people are still getting rich there.

            Not in a capitalist or wealth-creating sense of "rich", which I don't necessarily object to, but in old style corruption and feudal oppression type of rich, like the Putins, Mugabes and Duvaliers of this world, which I do object to.

            When a place has 5 million people living on $1-2 a day (probably ballpark figure in Duvalier's time) and when it has few natural resources, you can figure out for yourself how much of a cut it takes to maintain the lifestyle people like him had. It's not the 1%, more like the 0.001%.

            Haiti might do well, or not, from more foreign capitalism - it doesn't have much of it right now. I'd be inclined to think it would do better.

            And I don't blame Western countries for it either - there is only so much we can be expected to fix other people's problems for them if we did not cause them.

            I am not confusing "rich" with "evil" or "robbery". And sorry if I was unclear in my quip about fur coats. But don't confuse "rich" with "productive" either.

            Sorry if I seem bitter, I have lived near Haiti, layovered at its airport a few times - after a rain you can see the ecological disaster from erosion runoffs as a band of brown water on the coastline and I have met quite a few Haitians. It is just very sad that the place is like that and seems like it won't ever improve.

  2. Anonymous Coward
    Anonymous Coward

    Espionage

    China copying parts of the UK IP Bill again. Although looks like the Chinese population won't put up with harvesting silos of their data for more than six months, unlike UK sheeple who allow their data to be stored for years. Just in case it's needed of course, better safe than sorry, nothing to hide etc...

    1. Notas Badoff

      Re: Espionage

      "... looks like the Chinese population won't put up with ..." Good lord, you have quite mistaken things, haven't you? They never had a vote. They never will. What the party wants, the party gets.

      And when establishing the structures of repression, how do you yet look enlightened? "six months" Sounds just fine, really. Later, after the next 'incident' that can be exploited, a year. Then the next after that (see the country is under attack!), two years. It is actually a mark of sophistication that appearances are taken into account from the beginning! Yay.

      Everything done in China (that can be controlled) is required to be of benefit to China directly. Much of that is judged by how directly that is of benefit to the party. Appearances. If the party can crow that they have fostered technology to the point that Chinese-produced IT is world-quality, great. Since more and more will be required to be sourced from China, "... equipment from a list that has been government tested and approved" will provide the PR material, yes?

    2. Voland's right hand Silver badge

      Re: Espionage

      Although looks like the Chinese population

      Err... spelling mistake. Surely: "Although looks like the Chinese corporations"

      Data retention is costs in more way than one. It is a storage cost, it is a security cost and it is a a potential reputation cost (if data is stolen). Corporations would rather avoid it. If they can.

      1. James 36

        Re: Espionage

        data storage security isn't a problem, just get one of those ransomware products run it on the servers you are storing the data on and buy the decryption key

        simple and cheap

        I'll get my coat, its the one that been stolen

  3. Anonymous Coward
    Stop

    "Persons who are directly in charge and other directly responsible personnel"

    Is Beijing going to try to enforce this in an extra-territorial manner? Blame the IT guy back in Tokyo/Omaha/Rotterdam because he oversaw network security and the last audit, and because he's not Chinese? Then penalize the employer when they don't serve the IT whipping boy up?

  4. Anonymous Coward
    Anonymous Coward

    If only they had an equally strong approach to intellectual property laws.

    1. Youngone Silver badge

      If only they had an equally strong approach to intellectual property laws.

      But they don't, because why would they? What possible advantage to China would stronger IP laws be?

      This is exactly the same attitude the US took earlier in it's history.

      Ironically it is exactly the attitude that got Hollywood up and running.

      This is amusing

    2. TheVogon

      "If only they had an equally strong approach to intellectual property laws."

      But they do - they stand up to big companies that abuse IP - see

      http://www.bbc.co.uk/news/business-36200481 and

      http://www.bbc.co.uk/news/business-18669394

  5. Diogenes

    This is exactly the same attitude the US took earlier in it's history.

    At it least it gave us Pirates of Penzance :-)

    https://en.wikipedia.org/wiki/The_Pirates_of_Penzance#Background

  6. Terry Cloth
    Big Brother

    Cutting their own throats?

    It's long been my opinion that there must be some lash in the geartrain or it'll simply seize up. Overly fine-grained control kills throughput. When their economy slows down five to seven years from now (isn't it showing symptoms of slowdown even now?), will they recognize that more freedom is the answer? If not, they're headed back to third-world status.

    1. Anonymous Coward
      Anonymous Coward

      Re: Cutting their own throats?

      The Chinese economy is in the crapper, just like Europes has been; the difference is that the Chinese government have near total control of what gets published, so they say everything is fine.

      My wifes home city has plans to triple in size ove 7 years, yet even the apartment complexes they have already built over the last 2 years lie more than half empty. Walking down the road near my MiLs apartment complex, NONE of the apartments on the l/h side of the road are occupied; 2 whole city block sized developments of 20+ story apartment building, crammed as close as they dare, and all empty.

    2. Preston Munchensonton
      Boffin

      Re: Cutting their own throats?

      Overly fine-grained control kills throughput. When their economy slows down five to seven years from now (isn't it showing symptoms of slowdown even now?), will they recognize that more freedom is the answer?

      Doesn't seem to occur to the ivory tower oligarchy in the US, UK, France, etc., so I doubt that will be the prescription. When it's not working, the solution is always more central control, more central planning, not less.

  7. Someone Else Silver badge
    WTF?

    Really?!?

    Iain Thompson writes:

    In many ways there are a lot of good ideas in the Chinese government's new laws, and ordinary internet users haven't lost more than they all ready had.

    Really? Please enlighten we benighted masses by naming two such "good ideas". Or would doing so run you afoul of your Sino overlords?

    1. smudge

      Re: Really?!?

      Keeping critical infrastructure data within national borders is another.

      Forbidding people from "disseminating false information to disrupt the economic or social order" sounds good in principle. Though we all know that the Chinese authorities are going to use that to crack down on anything they deem to be dissent - the authorities will decide what's false information.

      But an effective, balanced implementation of that in the UK might have improved the piss-poor Brexit debates that we had earlier this year. (That comment applies to both sides in the debate, by the way.) And in the US, it might also have disqualified, if not actually imprisoned, that odious, orange, lying lump of self-love that millions of Americans will be voting for.

      1. Brewster's Angle Grinder Silver badge

        Re: Really?!?

        >Forbidding people from "disseminating false information to disrupt the economic or social order" sounds good in principle....[a] balanced implementation of that in the UK might have improved the piss-poor Brexit debates...

        We have a similar law in respect to elections. The DPP is currently considering whether to prosecute.

        @See: El Graun.

    2. ForthIsNotDead

      Re: Really?!?

      Reading the article, the last paragraph reads like it's been inserted either as an afterthought, or by a different writer.

      1. Rich 11
        Joke

        Re: Really?!?

        A Chinese hacker?

    3. Anonymous Coward
      FAIL

      Re: Really?!?

      @ Someone else

      "Really? Please enlighten we benighted masses by naming two such "good ideas". "

      "All security incidents must be reported to a central government register"

      "users must be told if their data has been hacked. "

      ""Persons who are directly in charge and other directly responsible personnel" can be fined up to RMB100,000 ($14,760) apiece for failure to comply."

      There you go, 3 good examples in the same paragraph. I take it you read the article?

      In the western world it goes as such.

      Cover it up, then deny everything and finally issue a half arsed apology and carry on as before.

      1. Someone Else Silver badge

        Re: Really?!?

        I will agree that users need to be told that they have been hacked is a good one. there is an exception to every rule, which is why I asked for 2. I cannot agree that "All security incidents must be reported to a central government register" is a good idea, simply because the Government (in general, but the PRC gov't specifically) cannot be trusted to manage this information effectively. And the reason they cannot be trusted (one reason, anyway) is that third thing, ""Persons who are directly in charge and other directly responsible personnel" can be fined up to RMB100,000 ($14,760) apiece for failure to comply." I have a very hard time thinking that giving the Government such a cudgel can be a good thing.

  8. m0rt

    "All security incidents must be reported to a central government register and users must be told if their data has been hacked."

    Was one. I assume that there are a lot of provisos in the new law, of which the discussed were only a small section of.

  9. Kevin McMurtrie Silver badge

    CNC Group

    Does this mean government owned Chinese networks will now have valid APNIC contacts and it will be easy to report hackers? Right, I didn't think so.

  10. Anonymous Coward
    Stop

    So apart from "the overturn of the socialist system,"

    "disseminating violent, obscene or sexual information," or "disseminating false information to disrupt the economic or social order." The first offence is policed in the USA by apple, google and Facebook Terms & Conditions as well as normal Legislation, the second is covered by the intelligence services in the UK specifically MI5's mission statement.

    Double Standards anyone ?

    1. Adam 52 Silver badge

      Re: So apart from "the overturn of the socialist system,"

      Not quite sure why you got down voted. It's already illegal in the UK to promote the overthrow of the government or violence (although somehow the red tops seem to be getting away with it at the moment). It's illegal to distribute obscene publications. It's illegal to distribute all but the most mild (ie no penises) sexual content.

      And we also have mandatory data retention on fixed line ISPs and cell operators, with full intercept and databases on demand to come.

      We go further by banning anything that might cause offence.

      ...but at least we abolished criminal libel under the coalition. Shame really as I'd like to see Paul Dacre convicted for last week's front page.

      1. Anonymous Coward
        Anonymous Coward

        Re: So apart from "the overturn of the socialist system,"

        Where in the western world is illegal to distribute porn? Maybe you can't sell it to underage persons, but it doesn't really looks like it's illegal to distribute sexual contents (otherwise most of the actual media outlets will be already shut down).

        And there's a little difference between promoting violence against people/government, and be forbidden even the most feeble objection to the government (look at what is happening in Hong Kong.) - of course anything not approved by the government is false information.

        But keep on saying we are like the Chineses, which implies the Chineses are doing no wrong after all - one day you'll find that - with the support of people like you - we really became like the Chineses....

        1. Anonymous Coward
          Anonymous Coward

          Re: So apart from "the overturn of the socialist system,"

          "Where in the western world is illegal to distribute porn?"

          Err most countries.

          Go ahead, test it. Send a load of porn to say a female politician, with your name and and address attached and see how well you get on.

          Oh and the vast majority of Muslim countries, but not sure if you count them as western.

      2. allthecoolshortnamesweretaken

        Re: So apart from "the overturn of the socialist system,"

        "It's illegal to distribute obscene publications."

        How do you explain rags like The Daily Mail then?

    2. Anonymous Coward
      Anonymous Coward

      Re: So apart from "the overturn of the socialist system,"

      "disseminating ...sexual information" - could be construed to cover contraception, LGBT health information....

      1. Anonymous Coward
        Anonymous Coward

        Re: So apart from "the overturn of the socialist system,"

        All of which have been opposed on a state level in the USA. I'm also sure that with a billion plus people that someone in the backwoods of China is going to do something abhorrent, just like happens in every country and yet it will be attributed to "the state". Yet it was less than a month ago that the UK pardoned state sponsored imprisonment and chemical castration for consensual homosexual sex.

        If one based the foundation of the UK as the Magna Carta, then it's taken us over 800 years to figure out "some" issues, whereas China circa 1949 is really only setting up a legal framework to protect its interests and could be interpreted as the privacy of it's citizen's data. Yes, some people may have data used against them, but then "we" in the first world have broken privacy laws left right and centre, are still trying to get back doors to security installed to perform further unlawful state surveillance, and routinely place people under house arrest, imprisonment without charge and in the last ten years, tortured individuals and executed suspects with trial or due process in drone strikes. Our outrage only lasts a news cycle.

  11. Anonymous Coward
    Joke

    Still, nothing about the IoT crap they sell...

    Must be protected by the "socialist" part..

  12. Christoph

    "Critical infrastructure providers also have to buy their equipment from a list that has been government tested and approved. "

    So by the time the bureaucracy approves it, they will be allowed to buy 10 year old equipment that is no longer manufactured. Or equipment where all the development money was spent on bribes.

    1. Anonymous Coward
      Anonymous Coward

      There's a surprising lack of bribery in China. Yes, it exists in the back woods just as it does in any country, but at local party level the penalty for corruption is death. But once again it's double standards.

      2014 - http://www.latimes.com/business/hiltzik/la-fi-hiltzik-20141207-column.html Huawei not being permitted to work in the USA and Australians telecoms industry at an infrastructure level, maybe they didn't "lobby" *cough* bribe the correct senate sub committee in the USA. In the UK, GCHQ oversees their activities.

      http://www.bbc.co.uk/news/technology-25417332

      1. harmjschoonhoven

        Re: bribery in China

        China has never had a formal privatisation programme. Instead, as Minxin Pei, a professor of government at Claremont McKenna College in California, writes in China's Crony Capitalism, decentralising the rights of control over state property without clarifying the rights of ownership gave those who rule maximum advantage to extract wealth from society. Rights of control have been separated from rights of ownership in China - and where ownership is uncertain, control is key.

        With clinical precision, Mr Pei explains how corruption operates at every level, perverting each branch of the party-state and subverting the political authority of the regime. The party cannot mitigate, let alone eradicate, "crony capitalism" because, since 1989, it has been "the very foundations of the regime's monopoly of power", the author argues. The conclusion, he believes, is that far from saving the regime, President Xi Jinping's anti-corruption drive may accelerate its demise by creating divisions within the ruling elite even as it reinforces strong popular resentment of corruption. (Cit, from The Economist)

        China's Crony Capitalism: The Dynamics of Regime Decay. By Minxin Pei. Harvard University Press.

  13. tiggity Silver badge

    Power

    Can't have the people "disseminating false information."

    That's the Governments job

  14. William 3 Bronze badge

    Almost as bad as the UK.

    As we ALREADY have ALL of that, and MORE to come.

  15. Slx

    I could see this coming to major blows with the US on trade.

    This could effectively kill Apple and Google and other US IT companies and consumer product companies in China.

    At the best they're going to end up with special China editions of devices that are providing a narrow subset of services available elsewhere.

    China expects to have unfettered access to the US and EU markets but at the same time is quite happy to impose extremely serious restrictions on US exports in this case. So, I could see this turning relatively nasty as the months and years roll on.

    Fundamentally, it looks like China isn't really compatible with a modern information society type economy as the government is just unwilling to let information flow.

    1. Paul Crawford Silver badge

      But what will the USA actually do?

      The Chinese now have their factories and most production process/IP by the balls.

      1. Slx

        China's actually not in *that* strong a position.

        Multinational companies will only hang on in there as long as the country is friendly to them. If it starts imposing onerous and intrusive regulation that is impacting their products and security, you may find the attitude changes very rapidly.

        There are other places these things can be made and all it takes is a big shift in attitudes. It won't necessarily be the American Government who make this kind of decision. They're not a corporate dictatorship that tells companies what to do. However, if the Chinese grow openly hostile to things like this, you are going to see companies looking elsewhere. It's just inevitable.

        Chinese companies can potentially be major competitors, Huawei, ZTE and a few others have shown this is most definitely the case. However, if one side enters into protectionist policies, the other side will reciprocate. It's a two-way street where China is getting access massive consumer markets which it simply does not have internally.

        For all the openness to business, China is not an open democracy and is unlikely to become one anytime soon. Its default reaction to free flow of information is to immediately censor it and filter it while all of these IT products and services are designed to maximise free-flowing exchange of ideas and knowledge and come from places that foster that kind of approach to life generally.

        It would suit the Government and the companies to just exclude foreign IT companies and products so that the Chinese domestic market was running on some kind of controlled platform that allowed the Government to control the message and probably opened up levels of Big Brother spying and tracking that would be the wet dream of Western spy agencies who could never go that far, even if they wanted to.

        You can't really square the circle and there isn't really a compromise position on this. You can't have unfettered media and social sharing and extreme state control just co-existing without problems.

        China will have to decide does it want continued unfettered access to global markets?

        Or does it want to crack down on internal free flow of information using restrictive IT ?

        You really can't have both.

    2. Blotto Silver badge

      @ Six

      You fail to realise that western governments also place similar restrictions on what services companies provide citizens. Data protection act etc. Just today Facebook have stopped collating whatsapp data with Facebook data due to eu and uk privacy laws.

  16. NanoMeter

    China - socialist?

    China's "socialist system" is about as socialist as DDR's system was democratic.

    It's socialist only in name. It has become fascist.

    1. Anonymous Coward
      Anonymous Coward

      Re: China - socialist?

      autocratic or oligarchic, I'd have said.

  17. Eddy Ito

    Fear not

    I'm sure Dianne Feinstein has minions working at full speed to copy the law and get it ready for a vote in the next session of congress. If only it was as simple as doing a find and replace on "中国" with "United States". Oh wait

  18. imanidiot Silver badge

    What this SHOULD result in

    This SHOULD result in most if not all western companies pulling out of China. Probably short term profit will prevail and companies will just bow down and take it like usual.

  19. Tubz Silver badge

    Looking at the big picture, some of their rulings make sense, corporations and the fat cats will be liable, rather than slinking in to the shadows and using a fall guy !

  20. Blotto Silver badge

    Business side seems sensible

    We should be adopting the business side of those regs.

    There would be a hell of a lot less breaches if the operators and companies received huge fines as incentives to do things right from the start. Imposing jail time on civil servents that either don't configure what they are given correctly or don't authorise the purchase and use of the correct kit will sharpen minds no end.

    We do already insist on some of those rules, for example Those running systems deemed in the nation interest must already conform to GCHQ approved solutions.

  21. Anonymous Coward
    Anonymous Coward

    >The legislation, approved by the National People's Congress, takes away the last vestiges of anonymity for China's 710 million internet users, and ensures that the state has the right to censor certain types of content – or even shut down large sections of the local internet – in the name of national security.

    So the British approach?

  22. Anonymous Coward
    Anonymous Coward

    not engage in such activities as "the overturn of the socialist system,

    while in no way do I condone Chinese (which we are cuddly with because they are big and they are (now) rich, unlike those small and weak which we love to preach to), I wonder how long I would last in this country, if I were to engage in such activities as the overturn of the (presumably current political) system?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like